package com.cindata

import org.springframework.security.authentication.AccountExpiredException
import org.springframework.security.authentication.CredentialsExpiredException
import org.springframework.security.authentication.DisabledException
import org.springframework.security.authentication.LockedException
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.userdetails.UserDetailsChecker

public class CustomPreAuthenticationChecks implements UserDetailsChecker
{

    public void check(UserDetails user)
    {
        if (!user.isAccountNonLocked())
        {

            throw new LockedException("AbstractUserDetailsAuthenticationProvider.locked")
        }

        if (!user.isEnabled())
        {

            throw new DisabledException("AbstractUserDetailsAuthenticationProvider.disabled")
        }

        if (!user.isAccountNonExpired())
        {

            throw new AccountExpiredException("AbstractUserDetailsAuthenticationProvider.expired")
        }

        if (user.expiredDate)
        {
            def now = new Date().time
            def expiredDate = user.expiredDate.time
            if (now > expiredDate)
            {
                throw new CredentialsExpiredException("The account has expired")
            }
        }
    }
}